#!/usr/bin/env bash
set -e

RED='\033[0;31m'
GREEN='\033[0;32m'
NC='\033[0m'

# We're assuming this is being run as root in the NixOS installer
export SSH_DIR=/root/.ssh

setup_ssh_directory() {
  mkdir -p ${SSH_DIR}
}

generate_keys() {
  ssh-keygen -t ed25519 -f "${SSH_DIR}/id_ed25519" -N ""
  ssh-keygen -t ed25519 -f "${SSH_DIR}/id_ed25519_agenix" -N ""
  chmod 600 ${SSH_DIR}/id_ed25519{,_agenix}{,.pub}
}

setup_ssh_directory
generate_keys

echo -e "${GREEN}New SSH keys have been generated.${NC}"
echo -e "${GREEN}1) Add the id_ed25519 key to Github.${NC}"
cat "${SSH_DIR}/id_ed25519.pub"
echo -e "${GREEN}2) Create a private nix-secrets repo in Github, even if it's empty.${NC}"
